public access points

[hot dog]

Is using HTTPS sufficient enough when using public wireless access points?  For instance, would I be safe checking my online bank statement using a public access point, if the bank website uses HTTPS for encrypting data?

[Rob Pomeroy]

Not if the workstation has been compromised and a keylogger installed.  Never trust hardware you don't control!  It's far safer to call your bank on the phone.

[hot dog]

Are you saying that if a hacker was using the same access point as me, he could install a keylogger into my system?

Software firewalls don't make any difference?

[Rob Pomeroy]

Sorry - I misread your original question.  I thought you were talking about public access terminals.  Public wireless generally is not significantly less secure than your own wireless setup at home.  SSL over HTTP does improve your chances of keeping your transaction encrypted, secure and private and a cracker would have to be pretty determined to get anywhere.

The risk is that the system you're using is compromised in such a way that it transparently shows you a bogus website in place of your bank's real website.  That's unlikely, but with router DNS attacks being on the rise, it's one of the most significant attack vectors in the scenario you're contemplating.

The other risk is a sniffing attack but your SSL transaction would be very difficult to penetrate.

[hot dog]

The risk is that the system you're using is compromised in such a way that it transparently shows you a bogus website in place of your bank's real website.  That's unlikely, but with router DNS attacks being on the rise, it's one of the most significant attack vectors in the scenario you're contemplating.

I think I've read about this, isn't is called "pharming" or somthin like that...When a hacker hacks the server of the website you are accessing and resolves your IP address to a look-alike, phony website..?

[Rob Pomeroy]

It's more scary than that.  You know how most people access the internet through a router?  Those routers can be reprogrammed so that when the home user tries to go to ABC Bank, the router goes off to a criminal's replica of that bank's website.  This is done in such a way that the end user would not be aware of the redirection.  To be honest, even hardened gurus would find it difficult to spot such a thing.  It is vitally important that routers are secure, that their web interfaces are not accesible from the internet and that the passwords are not left at their default.

[hot dog]

It's more scary than that.  You know how most people access the internet through a router?  Those routers can be reprogrammed so that when the home user tries to go to ABC Bank, the router goes off to a criminal's replica of that bank's website.  This is done in such a way that the end user would not be aware of the redirection.  To be honest, even hardened gurus would find it difficult to spot such a thing.  It is vitally important that routers are secure, that their web interfaces are not accesible from the internet and that the passwords are not left at their default.

woe

If you suspect that your router has been reprogrammed, what could you do about it?

[Rob Pomeroy]

Factory reset.

[hot dog]

thanks, sir